Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Unable to get the access token getting 400 for OAUTH2.0 app

Rohit Magar
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Sep 22, 2023

I have created a OAuth 2.0 app and I want this app to get the users project and ticket details.. but after I am done with the authorization url.. I am unable to get the access token..   


I am referring this doc 

OAuth 2.0 (3LO) apps (

 I am stuck at this step

2. Exchange authorization code for access token


curl --request POST \ --url '' \ --header 'Content-Type: application/Json' \ --data '{"grant_type": "authorization_code","client_id": "YOUR_CLIENT_ID","client_secret": "YOUR_CLIENT_SECRET","code": "YOUR_AUTHORIZATION_CODE","redirect_uri": "https://YOUR_APP_CALLBACK_URL"}'

everything is they have asked.. i have added my client id and client secret.. but the Api is giving me 400

i get this as the response 

  1. HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: 'OK', url: '', ok: false, …}
    1. error:
      1. error: "invalid_request"
      2. error_description: "authorization_code is invalid"
      3. [[Prototype]]: Object
    2. headers: HttpHeaders {normalizedNames: Map(0), lazyUpdate: null, lazyInit: ƒ}
    3. message: "Http failure response for 400 OK"
    4. name: "HttpErrorResponse"

I did some research and some said that content-type needs to be changed.. i updated the content type to 

contentType:"application/x-www-form-urlencoded; charset=utf-8"
than i get an error that client_id cannot be empty whereas in the payload of the network tab we can still see the client id

Also they have given a point like To get a refresh token in your initial authorization flow, add offline_access to the scope parameter of the authorization URL. Once you have the refresh token, exchange it for an access token by calling the token URL

I tried this and still I didn't get any refresh token 

is that I should take another approach or what is it.. please help me out.. we have deadline for this feature to develop

1 answer

0 votes
Peter Van de Voorde
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Sep 25, 2023

Hi @Rohit Magar ,

Welcome to the Atlassian Community.
This is very much an Atlassian Developer question and I would highly recommend for you to join the Atlassian Developer Community here:

This community is solely focused on helping developers build apps on top of the Atlassian products and thus has a greater number of people who might be able to help you compared to the user community.


Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events